1 / 9

Information and Information Technology Privacy at IU

Information and Information Technology Privacy at IU. Eric Cosens, CNE, CISA, CIPP University Deputy Information Policy Officer. So, what’s a policy?. In the context of information and information technology;

madison
Download Presentation

Information and Information Technology Privacy at IU

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Information and Information Technology Privacy at IU Eric Cosens, CNE, CISA, CIPP University Deputy Information Policy Officer

  2. So, what’s a policy? • In the context of information and information technology; • “A policy is an agreed upon, formal, high-level statement that describes the university’s philosophy, values, and/or direction for a specified subject area.”

  3. So, what’s a policy? • fairly brief, focusing on guiding principles (i.e. the “why”) rather than on technical or process details (i.e. the “how”). • purpose is to guide present and future decisions so that they are in agreement with university goals and objectives. • not procedures, standards, guidelines or best practices.

  4. Policy IT-07 Privacy of Electronic Information and IT Resources • Scope: • “applies to all authorized users of Indiana University information technology resources, irrespective of whether those resources or data are stored on or accessed from on-campus or off-campus locations. Unauthorized users are not protected by this policy.”

  5. Policy IT-07 Privacy of Electronic Information and IT Resources • Rationale: • “This policy seeks to balance individual freedom and privacy with the need for access by persons other than the account holder when necessary to serve or protect other core values and operations within the university or to meet a legal requirement.”

  6. Policy IT-07 Privacy of Electronic Information and IT Resources • Policy Statement: • “Stored electronic files and voice and data network communications may not be accessed by someone other than . . . except in certain limited circumstances in which access is appropriate to serve or protect other core values and operations . . . as outlined in this policy . . .”

  7. Policy IT-07 Privacy of Electronic Information and IT Resources • Procedures Section covers: • Situations that require authorization to access information. • Notification. • Preservation of information for legal reasons. • Situations that require no authorization to access information.

  8. Policy IT-07 Privacy of Electronic Information and IT Resources • For the full text, see: http://informationpolicy.iu.edu/policies/IT07 • And the accompanying FAQ at: http://informationpolicy.iu.edu/policies/IT07FAQ

  9. Questions?

More Related